<?php
// +----------------------------------------------------------------------+
// | Author:  Evgeny Leontev <eleontev@gmail.com>                         |
// | Copyright (c) 2005 Evgeny Leontev                                    |
// +----------------------------------------------------------------------+
// | This source file is free software; you can redistribute it and/or    |
// | modify it under the terms of the GNU Lesser General Public           |
// | License as published by the Free Software Foundation; either         |
// | version 2.1 of the License, or (at your option) any later version.   |
// |                                                                      |
// | This source file is distributed in the hope that it will be useful,  |
// | but WITHOUT ANY WARRANTY; without even the implied warranty of       |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU    |
// | Lesser General Public License for more details.                      |
// +----------------------------------------------------------------------+

class PasswordUtil
{
	
	var $table = 'user';
	var $id_field = 'id';
	var $pass_field = 'password';
	var $login_field = 'username';
	var $email_field = 'email';
	var $ext_sql = '1=1';
	var $temp_pass_field = false;
	
	
	
	function setExtSql($sql) {
		$this->ext_sql = $sql;
	}	
	
	
	function & getAllInfo($id) {
		$sql = "SELECT * FROM {$this->table}
		WHERE {$this->id_field} = '{$id}'";
		$result = mysql_query($sql) or die (db_error());
		$row = mysql_fetch_assoc($result);
		return $row;
	}
	
	function getUsername($id) {
		$sql = "SELECT {$this->login_field} FROM {$this->table}
		WHERE {$this->id_field} = '{$id}'";
		$result = mysql_query($sql) or die (db_error());
		$var = mysql_result($result, 0);
		return $var;
	}
	
	function getEmail($id) {
		$sql = "SELECT {$this->email_field} FROM {$this->table}
		WHERE {$this->id_field} = '{$id}'";
		$result = mysql_query($sql) or die (db_error());
		$var = mysql_result($result, 0);
		return $var;
	}
	
	// set new password, temporary by default
	function setPassword($id, $password, $temp_password = 1) {
		
		$temp_sql = '';
		if($this->temp_pass_field) {
			$temp_sql = "{$this->temp_pass_field} = $temp_password,";
		}
		
		$sql = "UPDATE {$this->table} SET 
		{$temp_sql}
		{$this->pass_field} = '{$password}'
		WHERE {$this->id_field} = '{$id}'";
		$result = mysql_query($sql) or die (db_error());
		return $password;
	}
	
	
	function generatePassword($num_sign = 3, $num_int = 2) {
		mt_srand(time());
		$a[] = preg_replace("/(.)/e","chr(mt_rand(ord('a'),ord('z')))",str_repeat('.',$num_sign));
		$a[] = preg_replace("/(.)/e","chr(mt_rand(ord('A'),ord('Z')))",str_repeat('.',$num_sign));
		$a[] = preg_replace("/(.)/e","chr(mt_rand(ord('0'),ord('9')))",str_repeat('.',$num_int));
		return str_shuffle(implode('', $a));
	}
	
	
	// return id if password exists false otherwise
	function isPasswordExists($pass) {
		$sql = "SELECT {$this->id_field} FROM {$this->table}
		WHERE {$this->pass_field} = '{$pass}' AND {$this->ext_sql}";
		$result = mysql_query($sql) or die (db_error());
		$row = mysql_fetch_row($result);
		$ret = ($row[0]) ? $row[0] : false;
		
		return $ret;
	}
	
	
	// return id if email exists false otherwise
	function isEmailExists($email) {
	
		$sql = "SELECT {$this->id_field} FROM {$this->table} 
		WHERE {$this->email_field} = '{$email}' AND {$this->ext_sql}";
		$result = mysql_query($sql) or die (db_error());
		$row = mysql_fetch_row($result);
		$ret = ($row[0]) ? $row[0] : false;

		return $ret;
	}
	
	
	// return id if username exists false otherwise
	function isUsernameExists($login) {
		$sql = "SELECT {$this->id_field} FROM {$this->table} 
		WHERE {$this->login_field} = '{$login}' AND {$this->ext_sql}";
		$result = mysql_query($sql) or die (db_error());
		$row = mysql_fetch_row($result);
		$ret = ($row[0]) ? $row[0] : false;
		
		return $ret;
	}
	
	
	// return true if password is temporary false otherwise
	function isTempPassword($id) {
		$sql = "SELECT is_temp_password FROM {$this->table} 
		WHERE {$this->id_field} = '{$id}'";
		$result = mysql_query($sql) or die (db_error());
		$row = mysql_fetch_row($result);
		$ret = ($row[0]) ? true : false;
		
		return $ret;
	}
}
?>